Skip to content

fix(starlette): Stop duplicating scope["root_path"] in URLs#6579

Merged
alexander-alderman-webb merged 22 commits into
masterfrom
webb/asgi/double-mount-prefix
Jun 26, 2026
Merged

fix(starlette): Stop duplicating scope["root_path"] in URLs#6579
alexander-alderman-webb merged 22 commits into
masterfrom
webb/asgi/double-mount-prefix

remove default arguments

557c418
Select commit
Loading
Failed to load commit list.
@sentry/warden / warden: find-bugs completed Jun 26, 2026

1 issue

find-bugs: Found 1 issue (1 low)

Low

EITHER mode produces double-slash URL when root_path is "/" - `sentry_sdk/integrations/_asgi_common.py:47-50`

In _get_path, when root_path_in_path is EITHER and scope["root_path"] is "/", the guard not root_path or path == root_path or path.startswith(root_path + "/") fails for normal paths: not "/" is False, "/api/users" == "/" is False, and "/api/users".startswith("//") is False. Execution falls through to return root_path + path, yielding "/" + "/api/users" = "//api/users". This produces a malformed URL/transaction name. The ASGI spec says root_path SHOULD NOT end with "/", so this only affects servers that misconfigure root_path as "/" instead of "".

Also found at:

  • sentry_sdk/integrations/asgi.py:411

⏱ 19m 46s · 3.5M in / 139.7k out · $4.37